hash_token_secrets. Upon issuing a new token, the plain token value will be available for presenting to the user in
token.plaintext_token. Later comparisons will only be performed on the hashed token and the plain token can no longer be retrieved.
hash_token_secretswould implicitly invalidate all plaintext tokens since the plain tokens would no longer be found.
Digest::SHA256. You can provide other secret transformer implementations. To that end, have a look at the
Doorkeeper::SecretStoring::Sha256Hashclass. To specify another implementation, please use
fallback:option, otherwise all tokens stored under the previous secret storage implementation will be invalid.
hash_token_secretsis incompatible with the option
reuse_access_tokensince plain values can no longer be retrieved. If you enabled both, the latter will be disabled with a warning.
client_secret), uncomment the initializer line
hash_application_secrets. Application secrets will then by hashed by
secretvalue of the application being available during the request that created in as
application.plaintext_secret. In this request, you need to ensure the user noted the secret since you will no longer be able to show it afterwards.
hash_application_secretswould implicitly invalidate all plaintext secrets since they would no longer be found.